Krebs on Security reported that ‘the US Secret Service and the Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC) warned that a task force in Texas recently arrested suspects who have compromised computers within several major hotel business centers in the Dallas/Fort Worth areas”.
The perpetrators stole credit cards of guests or used the numbers to login to business computers, g0t access to their gmail accounts and executed the malicious key-logging software. This way the hackers gained access to log in credentials, bank accounts, retirement accounts, and personal webmail accounts.
Some basic recommendations such as restricting guests to non-administrator accounts or having a way of cleaning up after a session might help but they are not effective if the guests can insert CDs, USBs or flash drives. Attackers can add, delete or modify files on the hard drive and take over the computer.
Read the 10 immutable laws of security written by Microsoft TechNet.
It’s hard to determine if a public computer is secure to do anything else other than browse the Web. Bank transactions, writing emails, or revealing anything personal that could jeopardize the security of the individual should be avoided at all costs.
